From fbd333cf4a4a7d92a37e11d1b201d15fe51d4e09 Mon Sep 17 00:00:00 2001 From: djmaze Date: Thu, 4 Mar 2021 15:23:38 +0100 Subject: [PATCH] Bugfix: allow space in password Bugfix: throw ClientException on failure See #51 --- plugins/change-password/index.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/plugins/change-password/index.php b/plugins/change-password/index.php index 97bd58fdf..9f33a3426 100644 --- a/plugins/change-password/index.php +++ b/plugins/change-password/index.php @@ -116,18 +116,16 @@ class ChangePasswordPlugin extends \RainLoop\Plugins\AbstractPlugin } $sPrevPassword = $this->jsonParam('PrevPassword'); - $sNewPassword = $this->jsonParam('NewPassword'); - if ($sPrevPassword !== $oAccount->Password()) { throw new ClientException(static::CurrentPasswordIncorrect, null, $oActions->StaticI18N('NOTIFICATIONS/CURRENT_PASSWORD_INCORRECT')); } - $sPasswordForCheck = \trim($sNewPassword); - if ($this->Config()->Get('plugin', 'pass_min_length', 10) > \strlen($sPasswordForCheck)) { + $sNewPassword = $this->jsonParam('NewPassword'); + if ($this->Config()->Get('plugin', 'pass_min_length', 10) > \strlen($sNewPassword)) { throw new ClientException(static::NewPasswordShort, null, $oActions->StaticI18N('NOTIFICATIONS/NEW_PASSWORD_SHORT')); } - if ($this->Config()->Get('plugin', 'pass_min_strength', 60) > static::PasswordStrength($sPasswordForCheck)) { + if ($this->Config()->Get('plugin', 'pass_min_strength', 60) > static::PasswordStrength($sNewPassword)) { throw new ClientException(static::NewPasswordWeak, null, $oActions->StaticI18N('NOTIFICATIONS/NEW_PASSWORD_WEAK')); } @@ -163,11 +161,13 @@ class ChangePasswordPlugin extends \RainLoop\Plugins\AbstractPlugin } } - if ($bResult) { - $oAccount->SetPassword($sNewPassword); - $oActions->SetAuthToken($oAccount); + if (!$bResult) { + throw new ClientException(static::CouldNotSaveNewPassword); } + $oAccount->SetPassword($sNewPassword); + $oActions->SetAuthToken($oAccount); + return $oActions->GetSpecAuthToken(); // return $this->jsonResponse(__FUNCTION__, $oActions->GetSpecAuthToken()); }